On May 8, 2024, Ascension, one of the largest health systems in the United States, detected unusual activity on its technology network systems, marking the beginning of a significant ransomware cyberattack on hospitals. This breach affected various critical systems, including electronic health records, test ordering, and prescription services, across Ascension’s 140 hospitals in 19 states and Washington D.C. The attack disrupted hospital operations, forcing staff to revert to manual processes and significantly impacting patient care. 

Understanding the implications of this cyberattack is crucial, as it highlights the vulnerabilities in healthcare cybersecurity and the urgent need for robust protective measures.

Background

Ascension is a leading non-profit and Catholic health system in the United States, known for its commitment to delivering compassionate, personalized care. Established in 1999 through the merger of the Daughters of Charity National Health System and the Sisters of St. Joseph Health System, Ascension has grown to include approximately 134,000 associates and 35,000 affiliated providers. 

The network operates 140 hospitals and over 2,600 sites of care across 19 states and Washington, D.C. Ascension’s mission emphasizes serving the poor and vulnerable, reflected in its provision of $2.2 billion in community benefits in FY2023, including care for those living in poverty. Beyond hospital care, Ascension encompasses various services such as senior living, home care, and pharmacy operations, driven by a faith-based approach to healthcare that values dignity and respect for all individuals.

Immediate Impact on Hospital Operations

The cyberattack on Ascension had an immediate and profound impact on hospital operations, forcing a significant shift to manual and paper-based processes. Hospital staff had to write notes by hand and deliver orders for tests and prescriptions in person. This abrupt change led to numerous operational challenges. Kris Fuentes, who works in the neonatal intensive care unit at Ascension Seton Medical Center in Austin, described the situation as “unorganized, chaotic and at times, scary.”

One major issue was the delay in medication administration and lab results. Handwritten orders replaced the usual digital processes, which introduced errors and slowed down operations. “Medications are taking longer to get to patients, lab results are taking longer to get back,” Fuentes explained. These delays in receiving lab results often postpone critical decisions regarding patient treatment plans.

The lack of digital systems also disrupted the hospital’s communication capabilities. Some phone systems were offline, making it difficult for patients to access portals used to view medical records and contact their doctors. This created significant inconvenience and potential health risks for patients who needed timely information and medical advice.

In some cases, emergency patients were triaged to different hospitals due to the disruptions caused by the cyberattack. Additionally, certain non-emergent appointments and procedures were postponed, further impacting patient care and hospital operations. Ascension pharmacies were also affected, with some locations becoming non-operational and patients being asked to bring in prescription bottles or numbers, highlighting the widespread disruption across the health system.

In addition to the operational disruptions, the cyberattack also impacted financial transactions within Ascension’s network. With electronic payment systems down, individuals enrolled in Ascension health insurance plans were directed to mail in their monthly payments. This shift to manual processing for insurance payments not only added an administrative burden but also posed potential delays in payment processing and verification, further complicating the financial management for both the hospital system and the insured patients.

Long-Term Implications

The cyberattack on hospitals has led to an extensive investigation involving industry-leading cybersecurity experts and federal agencies such as the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). Ascension has also engaged forensic experts to assist in understanding the root cause of the breach and to guide the restoration and recovery efforts.

The full restoration of Ascension’s systems is expected to take considerable time. As stated by Ascension, the process involves a thorough validation and screening of systems to ensure they are securely rebuilt, which means normal operations may not resume for an extended period. This delay in system restoration highlights the significant challenges faced by healthcare providers in the wake of such attacks.

Broader implications of this cyberattack on hospitals include a reevaluation of hospital preparedness and response strategies to cyber threats. The healthcare sector, increasingly targeted by cybercriminals, must invest in robust cybersecurity measures to protect critical infrastructure. This incident underscores the importance of having comprehensive downtime protocols and emergency response plans to maintain patient care during digital disruptions. Moreover, the $50 million federal investment in cybersecurity tools, as announced by the U.S. Department of Health and Human Services, aims to bolster defenses and support hospitals in mitigating future risks.

Comparative Analysis with Previous Cyberattacks

The Ascension cyberattack mirrors the significant ransomware attack on Change Healthcare that occurred in February 2024. The attack on Change Healthcare, a subsidiary of UnitedHealth Group, was carried out by the BlackCat/ALPHV ransomware group, leading to substantial disruptions across the U.S. healthcare system. This breach affected vital services such as payment processing, prescription writing, and insurance claims and resulted in financial damages estimated at $872 million.

Ransomware attacks on healthcare systems have seen a dramatic increase in recent years. According to a 2023 study from the University of Minnesota, such attacks more than doubled between 2016 and 2021, compromising the private health information of nearly 42 million people. This trend underscores the growing threat to healthcare providers and the need for robust cybersecurity measures.

The financial and operational impact of these cyberattacks is profound. The Change Healthcare incident led to delays in processing healthcare claims and filling prescriptions, causing widespread disruption. Similarly, the Ascension attack forced hospitals to revert to manual processes, resulting in delays and errors in patient care. These incidents highlight the critical need for healthcare providers to invest in stronger cybersecurity defenses to protect their systems and ensure the continuity of patient care.

Fortifying Healthcare Systems Against Cyberattacks

The cyberattack on hospitals underscores the critical vulnerabilities in the healthcare sector’s cybersecurity infrastructure. As illustrated by the widespread disruptions in hospital operations and patient care, the need for robust, proactive cybersecurity measures has never been more urgent. Incidents like these, alongside the February 2024 ransomware attack on Change Healthcare, highlight the escalating threat landscape that healthcare providers face. 

For healthcare organizations, safeguarding patient data and ensuring uninterrupted medical services is paramount. Investing in advanced cybersecurity solutions, such as those offered by TeraDact, can provide the necessary protection against such threats. TeraDact specializes in cutting-edge cybersecurity technologies designed to prevent breaches, protect sensitive information, and ensure operational continuity.

To learn more about how TeraDact can help your organization fortify its cybersecurity defenses, visit our website and explore our comprehensive solutions. Secure your healthcare operations today to prevent tomorrow’s disruptions.